Check Point detects several vulnerabilities in NFT trading and cryptocurrency

NFT vulnerabilities

Vulnerability in the large NFT marketplace Rarible

The security researchers at Check Point Research (CPR) discovered a security vulnerability in the NFT marketplace Rarible. Exploitation could have resulted in the theft of each user’s NFTs and cryptocurrencies. Just a fraudulent transaction would have been sufficient. Immediately after the vulnerability was discovered, CPR reported it to Rarible on April 5, which took note of the warning. The security researchers believe that the security hole should have been closed at the time of publication of this report – but do not confirm it. Rarible is the second NFT marketplace where CPR discovered a dangerous vulnerability because security researchers found something similar in October 2021 at the world’s largest NFT marketplace from OpenSea.

The fraudulent attack would have been launched by a malicious NFT in the Rarible market itself, which users trust. The scammer’s target would receive the link to the infected NFT and click on it to launch the attack – or a user would browse the marketplace and randomly find this infected but harmless looking NFT and click on it. The malicious NFT executes JavaScript code, which then requests ApprovalForAll from the user. If the user confirms this carelessly, he gives access to his NFTs and crypto tokens. The hackers could then steal the NFT and cryptocurrency wallets from the victim in one transaction.

Experts noticed this time on April 1, when the NFTs were stolen from Taiwanese singer Jay Chou and sold on the Rarible market for $ 500,000. Chou was tricked into accepting a similarly crafted request, which then used a transaction to access his BoardAppe NFT 3788. Rarible reported a $ 273 million sale in 2021 on its marketplace, making the platform one of the largest on the market.

Oded Vanunu, Head of Product Vulnerabilities Research at Check Point Software

By Oded Vanunu, Head of Products Vulnerability at Check Point Software Technologies , explains: “CPR has invested significant resources in investigating the intersection between cryptocurrency and IT security. We continue to see great efforts from cybercriminals trying to make big profits from cryptocurrencies and especially from NFT marketplaces. In October last year, we discovered critical security vulnerabilities in OpenSea, the world’s largest NFT marketplace.Now we have found similar vulnerabilities in Rarible.In terms of security there is still a large gap between the Web2 and Web3 infrastructure.Every small vulnerability opens a back door for hackers to hijack cryptocurrencies behind the scenes.We are still in a state where marketplaces that combine Web3 protocols do not have sound security practices.The consequences of a cryptohack can also be extreme.We have seen millions of dollars stolen from users of marketplaces that combine blockchain technologies I’m currently expecting a further increase in these thefts. Users need to be careful. They currently have a need to manage two types of wallets: one for the majority of their cryptocurrencies and another only for specific transactions. However, should it only be the wallet of certain transactions that is attacked, users may still be able to not lose everything. In any case, CPR will continue to research the security implications of the new blockchain technology. “

CPR recommends being careful and vigilant when receiving requests to sign on such marketplaces, including within the marketplace itself. Before approving a request, users should carefully consider what is being asked and consider whether the request is unusual or suspicious. If in doubt, they should reject the request and review it further before granting approval. Users are also advised to revoke token approvals when in doubt.

Leave a Comment